Date: Mon, 16 Jan 2012 03:12:36 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: Jumbo future
On Sun, Jan 15, 2012 at 10:19:02PM +0100, magnum wrote:
> On 01/15/2012 04:03 PM, Solar Designer wrote:
> > A related task is to support DragonFly BSD's ridiculous SHA-256 and
> > SHA-512 based hashes, without SIMD yet:
> >
> > http://www.openwall.com/lists/oss-security/2012/01/02/5
> >
> > This may be needed to make them reconsider sooner rather than later.
> > My oss-security postings CC'ed to Matt didn't do the trick.
>
> This I can do. We can handle both of them in one format.
I am not sure if that's a good idea: they're of slightly different
speed, especially when running on a 32-bit system (I think the
difference may be 3x or so in this case). So the SHA-256 based
hashes may and should be attacked at their higher c/s rate without the
SHA-512 based ones slowing this down. And we'd want to have benchmarks
for them separately.
So two formats. If you like, you can have one source file provide two
format structs, though, or you can have two format files use a third
file for shared code.
> I see now we
> also lack OMP support in the raw-SHA2 formats. I'll do that as well.
Right. Sounds great.
Here's one more: Drupal 7 uses a revision of phpass with MD5 replaced
with SHA-512 and hashes cut at 258 bits (yes, 258 - that's a multiple of 6).
These hash encodings use the $S$ prefix. Perhaps we should support them.
> > Another related task is to have SHA-crypt (glibc's) supported in JtR
> > directly, not only through the "generic crypt(3)" format and through
> > Lukas' GPU patches. We can do it without SIMD initially. There are
> > some optimizations to make even without SIMD.
>
> I could put together an OpenSSL version with OMP support, for a starter.
Yeah, I thought of starting with that too. If you have time, please
notify the list and proceed.
Thanks,
Alexander